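list_spaces = ""; $this->counter = 1; $this->count_cat_id = 1; }

// NOTE(review): the line above is the tail of a routine whose opening was lost in
// extraction; it is reproduced unchanged.

/**
 * Runs one str_replace() pass over $strToChange and returns the result.
 *
 * NOTE(review): as extracted, the search and the replacement are the same
 * single-quote character, so the call changes nothing. The replacement was
 * presumably an entity or escaped form that the extraction decoded - confirm
 * against the original file. Do not treat this as SQL or HTML escaping.
 */
function removeQuotes($strToChange){
    $strToChange=str_replace("'","'",$strToChange);
    return $strToChange;
}

/**
 * Emits the redirect output for $url and stops the script.
 *
 * NOTE(review): the echoed string is empty in this excerpt (presumably markup
 * removed by the extraction), so how $url is embedded cannot be checked here.
 * Callers in this file build $url from request data, so it has to be encoded
 * for whatever context the original markup used.
 */
function redirect($url){
    echo("");
    die();
}

/**
 * Returns the element of $alphanums at index $num.
 */
function assign_rand_value($num, $alphanums) {
    $rand_value = $alphanums[$num];
    return $rand_value;
}

/**
 * Builds an identifier of $length characters drawn from a-z, A-Z and 0-9.
 *
 * Changes from the original: the generator is no longer reseeded from
 * microtime() for every character (that tied the output to the call time),
 * the result is "" instead of an undefined variable when $length <= 0, and
 * the alphabet is indexed directly instead of through a bare call to
 * assign_rand_value(). random_int() is used where the runtime provides it.
 *
 * The mt_rand() fallback is predictable: IDs produced through it must not be
 * used as session identifiers, reset tokens or any other secret.
 *
 * @param int $length number of characters wanted
 * @return string
 */
function get_rand_id($length)
{
    $alphabet = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
    $last = strlen($alphabet) - 1;
    $hasCsprng = function_exists('random_int');

    $rand_id = "";
    for ($i = 1; $i <= $length; $i++) {
        $pick = $hasCsprng ? random_int(0, $last) : mt_rand(0, $last);
        $rand_id .= $alphabet[$pick];
    }
    return $rand_id;
}

/**
 * Returns $iv_len random bytes for use as an initialisation vector.
 *
 * An IV taken from mt_rand() can be predicted by an observer, so a
 * cryptographic source is tried first; the original mt_rand() loop remains
 * only as a last resort for runtimes that offer neither source.
 *
 * @param int $iv_len number of bytes wanted
 * @return string "" when $iv_len <= 0
 */
function get_rnd_iv($iv_len)
{
    if ($iv_len > 0) {
        if (function_exists('random_bytes')) {
            return random_bytes($iv_len);
        }
        if (function_exists('openssl_random_pseudo_bytes')) {
            $strong = false;
            $bytes = openssl_random_pseudo_bytes($iv_len, $strong);
            if ($bytes !== false && $strong) {
                return $bytes;
            }
        }
    }

    // Last resort, not suitable for secrets.
    $iv = '';
    while ($iv_len-- > 0) {
        $iv .= chr(mt_rand() & 0xff);
    }
    return $iv;
}

// Runs the SQL text in $sql as given and prints column $showfld of the first row.
// NOTE(review): the query is executed verbatim, so every caller must pass a fixed
// statement; die(mysql_error()) also sends the database error text to the client.
// The body continues past the end of this excerpt line.
function showValue($sql,$showfld){
    $rss=mysql_query($sql) or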
die(mysql_error());
    $show=mysql_fetch_array($rss);
    // NOTE(review): the value is printed as stored; HTML-encode it at this point if
    // the column can hold user-supplied text.
    echo($show[$showfld]);
}

/* Same lookup as showValue(), but the value is returned (used for HTML e-mail). */

// Runs $sql as given and returns column $showfld of the first row.
// NOTE(review): executes caller-supplied SQL verbatim and reports failures with
// die(mysql_error()), which discloses database error text to the client.
function showValueOnly($sql,$showfld){
    $rss=mysql_query($sql) or die(mysql_error());
    $show=mysql_fetch_array($rss);
    return $show[$showfld];
}

/* Builds a drop-down from a query. */

// Runs the SQL passed as the first argument and iterates over the rows.
function makeDropDown(){
    $numargs = func_num_args();
    $rs=mysql_query(func_get_arg (0)) or die(mysql_error());
    while($row=mysql_fetch_array($rs,MYSQL_BOTH)){
        // NOTE(review): extraction gap. Everything between the "?>" below and the
        // "redirect(" text after it is missing (the rest of this loop and the
        // opening of the admin login routine), so the statements that follow have
        // no visible function header.
        ?> redirect($rd_fail."?id=1&userid=".$frm_user);*/
    }
    $pass=$_POST[$frm_pass];
    // NOTE(review): the stored column is compared with the submitted password as-is,
    // so no hashing is visible here; store password_hash() output and check it with
    // password_verify(). The loose == can also treat numeric-looking strings such as
    // "0e1" and "0e2" as equal on PHP versions before 8.
    if($row[$fld_pass]==($pass)){
        // NOTE(review): identity and permissions are written to plain cookies with no
        // signature and no HttpOnly/Secure flags. If other pages authorise on these
        // cookies, a client can set them itself; keep this state in a server-side
        // session and call session_regenerate_id() after login.
        setcookie("adminid",$row[1]);
        $for_permissions = mysql_query("select * from admin_permissions where user_name='" . $row[1] . "' ") or die(mysql_error());
        if(mysql_num_rows($for_permissions)>0) {
            $for_permissions1 = mysql_fetch_array($for_permissions);
            setcookie("permissions",$for_permissions1["permissions"]);
        }
        setcookie("adminname",$row[2]);
        // NOTE(review): $row[1] is a stored user name re-embedded in SQL without
        // escaping (second-order injection if a name contains a quote).
        mysql_query("insert into logs values('','" . $row[1] . "','',' " . $row[1] . " User Logged in',NOW())");
        $this->redirect($rd_sucess);
    }else{
        // NOTE(review): SQL injection. The posted user name is concatenated into the
        // query; use a prepared statement (mysqli/PDO) or escape it with the
        // connection's escaping function.
        $sql="select * from user where user_name='".$_POST[$frm_user]."' and user_level='Admin'";
        $rs=mysql_query($sql) or die(mysql_error());
        $row=mysql_fetch_array($rs);
        if(mysql_num_rows($rs)==0){
            // NOTE(review): the posted value goes into the redirect target unencoded
            // (apply urlencode()), and a separate failure code for "unknown user"
            // lets a client enumerate valid admin names.
            $this->redirect($rd_fail."?id=1&userid=".$_POST[$frm_user]);
        }
        $pass=$_POST[$frm_pass];
        // Same plaintext comparison and cookie-based state as in the branch above.
        if($row[$fld_pass]==($pass)){
            setcookie("adminid",$row[1]);
            $for_permissions = mysql_query("select * from admin_permissions where user_name='" . $row[1] .
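"' ") or die(mysql_error());
// NOTE(review): tail of the admin login routine, reproduced unchanged (its opening
// is outside this span). The "permissions" and "adminname" cookies are unsigned
// client-side state, and $_POST[$frm_user] is appended to the redirect target
// without urlencode().
if(mysql_num_rows($for_permissions)>0) {
    $for_permissions1 = mysql_fetch_array($for_permissions);
    setcookie("permissions",$for_permissions1["permissions"]);
}
setcookie("adminname",$row[2]);
mysql_query("insert into logs values('','" . $row[1] . "','',' " . $row[1] . " User Logged in',NOW())");
$this->redirect($rd_sucess);
} else {
    $this->redirect($rd_fail."?id=2&userid=".$_POST[$frm_user]);
}
$this->redirect($rd_fail."?id=2&userid=".$_POST[$frm_user]);
}
ob_end_flush();
}

/**
 * Normalises text coming from the rich-text editor: trims it, maps bytes
 * 145/146 to ' and 147/148 to ", and turns CR and LF into spaces.
 *
 * NOTE(review): as extracted, the third replacement maps ' to ' and therefore
 * does nothing; the original replacement was presumably an entity or escaped
 * form - confirm. Despite its name this function does not make a value safe
 * for HTML, JavaScript or SQL.
 */
function RTESafe($strText) {
    $tmpString = trim($strText);
    $tmpString = str_replace(chr(145), chr(39), $tmpString);
    $tmpString = str_replace(chr(146), chr(39), $tmpString);
    $tmpString = str_replace("'", "'", $tmpString);
    $tmpString = str_replace(chr(147), chr(34), $tmpString);
    $tmpString = str_replace(chr(148), chr(34), $tmpString);
    $tmpString = str_replace(chr(10), " ", $tmpString);
    $tmpString = str_replace(chr(13), " ", $tmpString);
    return $tmpString;
}

/**
 * Stores the upload in form field $varName inside directory $path.
 *
 * Changes from the original:
 *  - the file is stored with move_uploaded_file(), which refuses anything
 *    that is not a genuine HTTP upload (the original used copy());
 *  - the upload error code and the results of chdir() and the move are
 *    checked, so a failed store no longer returns a file name;
 *  - the client-supplied name is reduced to its base name before use;
 *  - the ","/" " substitution is applied to the file name only, not to the
 *    whole destination path.
 *
 * Still open: the extension is taken from the client-supplied name and the
 * content is not inspected, an existing file of the same name is overwritten,
 * and no size limit is enforced (the original declared a $maxSize of "104857"
 * but never used it). The target directory should not be allowed to execute
 * scripts.
 *
 * @param string $varName key in $_FILES
 * @param string $path    directory to store into; becomes the working directory
 * @return string stored file name, or "no.jpg" when nothing was stored
 */
function uploadImage($varName,$path)
{
    // Same set the original accepted (its comparison was case-insensitive).
    $allowedExtensions = array("jpg", "jpeg", "gif", "png", "rtf", "doc", "pdf");
    $notStored = "no.jpg";

    // The original changed directory on every call, so that side effect is kept.
    $inTargetDir = chdir($path);

    if (!isset($_FILES[$varName]['name']) || !is_string($_FILES[$varName]['name'])
        || $_FILES[$varName]['name'] == "") {
        return $notStored;
    }
    if (!$inTargetDir || $_FILES[$varName]['error'] != UPLOAD_ERR_OK) {
        return $notStored;
    }

    $clientName = basename(str_replace("\\", "/", $_FILES[$varName]['name']));
    $extension = strtolower(pathinfo($clientName, PATHINFO_EXTENSION));
    if (!in_array($extension, $allowedExtensions, true)) {
        return $notStored;
    }

    $storedName = str_replace(array(",", " "), array(";", "_"), $clientName);
    if (!move_uploaded_file($_FILES[$varName]['tmp_name'], getcwd()."/".$storedName)) {
        return $notStored;
    }
    return $storedName;
}

/**
 * Stores a .doc or .pdf upload from form field $varName inside $path.
 *
 * Hardened in the same way as uploadImage(): move_uploaded_file() instead of
 * copy(), upload error / chdir() / move results checked, client file name
 * reduced to its base name. The same open points apply (extension-only check,
 * silent overwrite, no size limit).
 *
 * @param string $varName key in $_FILES
 * @param string $path    directory to store into; becomes the working directory
 * @return string stored file name, or "" when nothing was stored
 */
function uploadFile($varName,$path)
{
    $allowedExtensions = array("doc", "pdf");

    // Kept from the original: the working directory changes on every call.
    $inTargetDir = chdir($path);

    if (!isset($_FILES[$varName]['name']) || !is_string($_FILES[$varName]['name'])
        || $_FILES[$varName]['name'] == "") {
        return "";
    }
    if (!$inTargetDir || $_FILES[$varName]['error'] != UPLOAD_ERR_OK) {
        return "";
    }

    $clientName = basename(str_replace("\\", "/", $_FILES[$varName]['name']));
    $extension = strtolower(pathinfo($clientName, PATHINFO_EXTENSION));
    if (!in_array($extension, $allowedExtensions, true)) {
        return "";
    }

    if (!move_uploaded_file($_FILES[$varName]['tmp_name'], getcwd()."/".$clientName)) {
        return "";
    }
    return $clientName;
}

/**
 * Redirects to $url with every posted field appended as a query parameter.
 *
 * The pairs are now URL-encoded with http_build_query(); the original
 * concatenated raw keys and values, so a value containing "&", "#", a quote
 * or a line break could alter the target.
 *
 * NOTE(review): this copies the whole POST body into a URL, including any
 * password field, where it ends up in history, logs and Referer headers.
 * Passing only the fields the form needs back would be safer.
 */
function send_back_form($url){
    $vars="";
    if (!empty($_POST)) {
        $vars = '&'.http_build_query($_POST, '', '&');
    }
    $this->redirect($url.$vars);
    die();
}

// Prints "Selected" when the two values are loosely equal (for <option> tags).
function check_option($value1,$value2){
    if($value1==$value2){
        echo "Selected";
    }
}

// Prints "CHECKED" when the two values are loosely equal (for radio inputs).
function check_option_radio($value1,$value2){
    if($value1==$value2){
        echo "CHECKED";
    }
}

/* Earlier, commented-out version of makeTree(); the comment continues past this span. */
/*function makeTree($pcatId,$rootName) { $db_oprations= new db_class (); $sql="Select * from categories where parent_cat=".$pcatId; $rs=mysql_query($sql); if($db_oprations->isRowNull($sql)){ while($row=mysql_fetch_array($rs)){ echo('node'.$row['id'].'=CreateTreeItem( '.$this->RTESafe($rootName).', "img/folder_closed.gif",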
"img/folder_open.gif", "'.$this->RTESafe($row['cat_name']).'", " index.php?cmd=view_product.php&cat_id='.$row['id'].'", null ); '); echo('addField'.$row['id'].'=CreateTreeItem( node'.$row['id'].', "img/folder_closed.gif", "img/folder_open.gif", "Add Field", "index.php?cmd=addfeilds.php&catid='.$row['id'].'", null ); '); echo('editField'.$row['id'].'=CreateTreeItem( node'.$row['id'].', "img/folder_closed.gif", "img/folder_open.gif", "Edit Fields List", "index.php?cmd=categoryfieldslist.php&catid='.$row['id'].'", null ); '); $this->count_cat_id++; $sql="Select * from categories where parent_cat=".$row['id']; if($db_oprations->isRowNull($sql)){ $this->makeTree($row['id'],'node'.$row['id']); } } } } */

// Prints insFld()/gFld() calls for every category whose parent is $pcatId and
// recurses into each category that has children of its own.
//
// NOTE(review): $pcatId is concatenated into the query as a bare number. The callers
// are not visible here; if the value can come from a request it must be cast to int
// before it reaches this function.
// NOTE(review): cat_name is written between double quotes in the generated script
// text without any escaping, so a category name containing a quote or markup changes
// the emitted code. Encode it for a JavaScript string at this point.
function makeTree($pcatId,$rootName) {
    $db_oprations= new db_class ();
    $sql="Select * from categories where parent_cat=".$pcatId." order by cat_name";
    //print $sql;die;
    $rs=mysql_query($sql);
    if($db_oprations->isRowNull($sql)){
        while($row=mysql_fetch_array($rs)){
            echo('aux'.$row['id'].'=insFld('.$rootName.', gFld("'.$row['cat_name'].'"," index.php?cmd=view_product.php&cat_id='.$row['id'].'"));');
            echo('auxaddField'.$row['id'].'=insFld(aux'.$row['id'].', gFld("Add Field"," index.php?cmd=addfeilds.php&catid='.$row['id'].'"));');
            echo('auxeditField'.$row['id'].'=insFld(aux'.$row['id'].', gFld("Edit Field","index.php?cmd=categoryfieldslist.php&catid='.$row['id'].'"));');
            $sql="Select * from categories where parent_cat=".$row['id'];
            if($db_oprations->isRowNull($sql)){
                $this->makeTree($row['id'],'aux'.$row['id']);
            }
        }
    }
}

/* Admin category links ("breadcrumb") */

// Looks up category $cat_id and first recurses to its parent when parent_cat is not 0.
// NOTE(review): $cat_id is used as a bare number in the query; cast it to int if it
// can come from a request. The body continues past the end of this excerpt line.
function showCategories($cat_id) {
    $qry = "select id,cat_name,parent_cat from categories where id = ".$cat_id;
    $rs = mysql_query($qry) or die(mysql_error());
    if(mysql_result($rs,0,'parent_cat')!=0) {
$this->showCategories(mysql_result($rs,0,'parent_cat'));
    }
    $id = mysql_result($rs,0,'id') or die(mysql_error());
    // NOTE(review): cat_name is appended to $this->title as stored; HTML-encode it
    // where the title is printed. The string literals here look like they lost
    // markup in extraction.
    $this->title.="".@mysql_result($rs,0,'cat_name')." >>";
    //$this->title.= @mysql_result($rs,0,'cat_name')." >> ";
    return $this->title;
}

// Same walk as showCategories(): appends the names from the root down to $cat_id to
// $this->title and returns it.
// NOTE(review): $cat_id is used as a bare number in the query; cast it to int if it
// can come from a request.
function checkCategories($cat_id) {
    $qry = "select id,cat_name,parent_cat from categories where id = ".$cat_id;
    $rs = mysql_query($qry) or die(mysql_error());
    if(mysql_result($rs,0,'parent_cat')!=0) {
        $this->checkCategories(mysql_result($rs,0,'parent_cat'));
    }
    $id = mysql_result($rs,0,'id') or die(mysql_error());
    $this->title.="".@mysql_result($rs,0,'cat_name')." >>";
    //$this->title.= @mysql_result($rs,0,'cat_name')." >> ";
    return $this->title;
}

/* Report tree */

// For every category under $pcatId, selects its products (the query depends on
// $_GET["type"] and $_GET["report_basis"]), prints them, then recurses into
// sub-categories.
//
// NOTE(review): the $_GET values are only compared against fixed strings here, not
// placed in SQL. $pcatId is concatenated as a bare number - cast it to int if it can
// come from a request.
// NOTE(review): several of the query strings look inconsistent as extracted:
// "select item.*" against a FROM list that names "items", "items.itemid" next to
// "items.item_id", and "product_id=items.item_id <>'Discontinued'" where the first
// variant tests items.item_family. Any of these would either fail at
// die(mysql_error()), exposing the statement text, or filter differently from the
// first variant - confirm against the schema.
function make_report_tree($pcatId=0,$rootName){
    $db_oprations= new db_class ();
    $sql="Select * from categories where parent_cat=".$pcatId . " order by cat_name asc";
    $rs=mysql_query($sql);
    if($db_oprations->isRowNull($sql)){
        while($row=mysql_fetch_array($rs)){
            if($_GET["type"]=="sku") {
                if($_GET["report_basis"]=="active") {
                    $sql1 = "select items.* from items,categories_products where categories_products.category_id=" .$row['id'] . " and categories_products.product_id=items.item_id and items.item_family<>'Discontinued' order by items.itemid asc" ;
                } else {
                    $sql1 = "select item.* from items,categories_products where categories_products.category_id=" .$row['id'] . " and categories_products.product_id=items.item_id order by items.item_id asc" ;
                }
            } elseif($_GET["type"]=="sel_sku") {
                if($_GET["report_basis"]=="active") {
                    $sql1 = "select items.* from items,categories_products where categories_products.category_id=" .$row['id'] . " and categories_products.product_id=items.item_id <>'Discontinued' order by items.itemid ,items.item_name asc" ;
                } else {
                    $sql1 = "select items.* from items,categories_products where categories_products.category_id=" .$row['id'] . " and categories_products.product_id=items.item_id order by items.item_name asc" ;
                }
            } else {
                if($_GET["report_basis"]=="active") {
                    $sql1 = "select item.* from item,categories_products where categories_products.category_id=" .$row['id'] . " and categories_products.product_id=item.item_id <>'Discontinued' order by item.item_name asc" ;
                } else {
                    $sql1 = "select items.* from items,categories_products where categories_products.category_id=" .$row['id'] . " and categories_products.product_id=items.item_id order by items.item_name asc" ;
                }
            }
            $res1= mysql_query($sql1) or die(mysql_error());
            if(mysql_num_rows($res1)>0) {
                // NOTE(review): cat_name is printed as stored; HTML-encode it.
                echo ''.$row['cat_name'].'';
                $count = 1;
                while($row_pro = mysql_fetch_object($res1)) {
                    $color = "#dddddd";
                    // NOTE(review): extraction gap. The row template that followed
                    // the "?>" below was reduced to the text fragments shown.
                    ?> Click here to edit Product del_gray.jpgdel.jpg" border="0" alt="Click here to delete Product"> $ ' . $row_pro['item_name'] . '';*/
                    $count++;
                }
            }
            $sql="Select * from categories where parent_cat=".$row['id'] . " order by cat_name asc";
            if($db_oprations->isRowNull($sql)){
                $this->make_report_tree($row['id'],'node'.$row['id']);
            }
        }
    }
}

/* Listing of all categories with their sub-categories */

// Prints one entry per category under $pcatId and recurses into sub-categories;
// $this->list_spaces grows by one step per nesting level.
// NOTE(review): the indent literal presumably held five "&nbsp;" entities (the
// caller-side strpos(..., "&") with length 30 suggests so) - confirm. $pcatId is a
// bare number in the query and cat_name is concatenated into the markup as stored.
// The body continues past the end of this excerpt line.
function view_all_categories_listing($pcatId=0,$rootName) {
    $this->list_spaces .="     ";
    $db_oprations= new db_class ();
    $sql="Select * from categories where parent_cat=".$pcatId;
    $rs=mysql_query($sql);
    if($db_oprations->isRowNull($sql)){
        while($row=mysql_fetch_array($rs)) {
            //$this->list_spaces .="  ";
            if($row['parent_cat']==0) {
                $font_class = "blacktxt";
            } else {
                $font_class = "text";
            }
            if($this->counter%2==0) {
                $color = "#dddddd";
            } else {
                $color = "#FFFFFF";
            }
            $qq = mysql_query("select categories_products.category_id from categories_products,items where categories_products.category_id=" . $row['id'] . " and categories_products.product_id = items.item_id");
            if(mysql_num_rows($qq)>0) {
                $link = ' href="index.php?cmd=viewproduct.php&cat_id=' . $row['id'] . '" title="View Products for this Category"';
            } else {
                $link = ' href="javascript:" title="No Products found for Category"';
            }
            $cat_html = '';
            $cat_html .= '' . $this->list_spaces . ' ' . $row['cat_name'] .
'';
            // NOTE(review): both branches append an empty string as extracted; the
            // row markup was presumably stripped from these literals.
            if($color== "#dddddd") {
                $cat_html .= "";
            } else {
                $cat_html .= "";
            }
            $cat_html .= '';
            echo $cat_html;
            $this->counter++;
            $sql="Select * from categories where parent_cat=".$row['id'];
            if($db_oprations->isRowNull($sql)) {
                $this->view_all_categories_listing($row['id'],'node'.$row['id']);
            }
        }
        // Removes 30 characters starting at the first "&" to undo this level's indent.
        $this->list_spaces = substr_replace($this->list_spaces,"",strpos($this->list_spaces,"&"),30);
    } else {
    }
}

/* Check-box variant of the category listing, used on the products page */

// Prints one entry with a check box per category under $pcatId and recurses into
// sub-categories.
// NOTE(review): $pcatId is concatenated into the query as a bare number; cast it to
// int if it can come from a request. cat_name is concatenated into the markup as
// stored and needs HTML-encoding. The body continues past the end of this excerpt
// line.
function view_all_categories_listing_checks($pcatId=0,$rootName) {
    $this->list_spaces .="     ";
    $db_oprations= new db_class ();
    $sql="Select * from categories where parent_cat=".$pcatId ." order by cat_name";
    $rs=mysql_query($sql);
    if($db_oprations->isRowNull($sql)){
        while($row=mysql_fetch_array($rs)) {
            //$this->list_spaces .="  ";
            if($row['parent_cat']==0) {
                $font_class = "blacktxt";
            } else {
                $font_class = "text";
            }
            if($this->counter%2==0) {
                $color = "#bcc79c";
            } else {
                $color = "#FFFFFF";
            }
            $qq = mysql_query("select categories_products.category_id from categories_products,items where categories_products.category_id=" . $row['id'] . " and categories_products.product_id = items.item_id");
            if(mysql_num_rows($qq)>0) {
                $link = ' href="index.php?cmd=view_product.php&cat_id=' . $row['id'] . '" title="View Products for this Category"';
            } else {
                $link = ' href="javascript:" title="No Products found for Category"';
            }
            $cat_html = '';
            $cat_html .= '' . $this->list_spaces ;
            // if($row['parent_cat']!=0){
            // NOTE(review): extraction gap. The check-box markup and the query that
            // fills $rsCatPro were lost between the opening quote and "select_data(".
            $cat_html .= ' select_data($sql);
            while($rowCatPro=mysql_fetch_array($rsCatPro)){
                if($rowCatPro['category_id']==$row['id'])
                    $cat_html .=" CHECKED";
            }
            }
            $sqlChk="select id,cat_name from categories where parent_cat=".$row['id'];
            //if($db_oprations->isRowNull($sqlChk)){
            //$cat_html .=' DISABLED ';
            //}
            $cat_html .='>';
            // }
            $cat_html .=' ' . $row['cat_name'] .
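'';
            $cat_html .= '';
            echo $cat_html;
            $this->counter++;
            $sql="Select * from categories where parent_cat=".$row['id'];
            if($db_oprations->isRowNull($sql)) {
                $this->view_all_categories_listing_checks($row['id'],'node'.$row['id']);
            }
        }
        $this->list_spaces = substr_replace($this->list_spaces,"",strpos($this->list_spaces,"&"),30);
    } else {
    }
}
}
// NOTE(review): extraction gap. The start of the next file (a category class and the
// opening of its insert routine) was lost after the "?>" below. The remaining
// statement places $_POST['cat_name'] in the query unescaped (SQL injection); it is
// reproduced unchanged because its beginning is not visible.
?>select_data("SELECT * FROM categories WHERE cat_name = '".$_POST['cat_name']."'");
    if(mysql_num_rows($rs) == 0)
        $this->insert_data("categories");
    else
        return 0;
}

// NOTE(review), whole class: insert_data() and edit_data() are defined outside this
// excerpt and appear to build their statements from the request themselves; check
// that they escape or bind every value. Every method here changes or deletes data,
// and no authorisation or anti-CSRF check is visible in this excerpt.

/**
 * Updates the category selected by the request parameter "id".
 * The id is cast to int before it is placed in the WHERE clause.
 */
function edit_cat(){
    $this->edit_data("categories", "id='".(int)$_REQUEST['id']."'");
}

/**
 * Deletes the category given in $_POST['id'] together with its sub-categories.
 *
 * A missing or non-numeric id is rejected: MySQL compares such a value with
 * the numeric parent_cat column as 0, so the original would have walked and
 * deleted every top-level category.
 */
function del_cat()
{
    $catId = isset($_POST['id']) ? (int)$_POST['id'] : 0;
    if ($catId <= 0) {
        return;
    }
    $this->move_to_subcat($catId);
}

/**
 * Depth-first delete: removes every sub-category of $cat_id, then $cat_id itself.
 */
function move_to_subcat($cat_id)
{
    $cat_id = (int)$cat_id;
    $qry = "select id from categories where parent_cat = '".$cat_id."'";
    $rs = @mysql_query($qry);
    // A failed query yields false; skip the loop instead of fetching from it.
    while($rs && ($row = mysql_fetch_object($rs)))
    {
        $this->move_to_subcat($row->id);
    }
    $this->del_cat_info($cat_id);
}

/**
 * Deletes the items, the field definitions and the row of category $cat_id.
 */
function del_cat_info($cat_id)
{
    $cat_id = (int)$cat_id;
    $this->del_cat_items($cat_id);
    $qryCatField = "delete from category_fields where category_id='".$cat_id."'";
    $qryCat = "delete from categories where id='".$cat_id."'";
    @mysql_query($qryCatField);
    @mysql_query($qryCat);
}

/**
 * Deletes every item of category $cat_id and the image rows of those items.
 */
function del_cat_items($cat_id)
{
    $qry = "select item_id from item where cat_id = '".(int)$cat_id."'";
    $rs = $this->select_data($qry);
    while($row = @mysql_fetch_object($rs))
    {
        $itemId = (int)$row->item_id;
        $qryItem ="delete from item where item_id = '".$itemId."'";
        $qryItemImage = "delete from item_images where item_id = '".$itemId."'";
        @mysql_query($qryItem);
        @mysql_query($qryItemImage);
    }
}

/**
 * Adds a column to `categories` and records it in category_fields.
 *
 * The posted column name goes into a back-quoted identifier, so embedded
 * back-quotes are doubled to stop it from closing the identifier; the posted
 * type must be one of the keys of $dataType. Both are checked before anything
 * is written. An allow-list such as letters, digits and "_" would be stricter
 * still, if existing field names permit it.
 */
function insert_cat_field(){
    $dataType['text']=" VARCHAR( 255 ) ";
    $dataType['number']=" INT( 11 )";
    $dataType['bool']=" TINYINT( 1 ) ";
    $dataType['longtext']=" TEXT ";

    $fieldName = isset($_POST['field_name']) ? $_POST['field_name'] : '';
    $fieldType = isset($_POST['field_type']) ? $_POST['field_type'] : '';
    if (!is_string($fieldName) || $fieldName === ''
        || !is_string($fieldType) || !isset($dataType[$fieldType])) {
        die("Invalid field name or type");
    }

    $sql="ALTER TABLE `categories` ADD `".str_replace('`', '``', $fieldName)."` ".$dataType[$fieldType]."";
    $this->insert_data("category_fields");
    mysql_query($sql) or die(mysql_error());
}

/**
 * Renames / retypes a column of `categories` and updates its category_fields row.
 *
 * The field id is cast to int; both the stored and the posted column name have
 * their back-quotes doubled; the posted type must be a key of $dataType.
 */
function edit_cat_field()
{
    $dataType['text']=" VARCHAR( 255 ) ";
    $dataType['number']=" INT( 11 )";
    $dataType['bool']=" TINYINT( 1 ) ";
    $dataType['longtext']=" TEXT ";

    $fieldId = isset($_POST['fieldid']) ? (int)$_POST['fieldid'] : 0;
    $fieldName = isset($_POST['field_name']) ? $_POST['field_name'] : '';
    $fieldType = isset($_POST['field_type']) ? $_POST['field_type'] : '';
    if (!is_string($fieldName) || $fieldName === ''
        || !is_string($fieldType) || !isset($dataType[$fieldType])) {
        die("Invalid field name or type");
    }

    $rowFeild=$this->select_data_get_row("select * from category_fields where field_id=".$fieldId);
    $sql="ALTER TABLE `categories` CHANGE `".str_replace('`', '``', $rowFeild['field_name'])."` `".str_replace('`', '``', $fieldName)."` ".$dataType[$fieldType]."";
    $this->edit_data("category_fields"," field_id=".$fieldId);
    mysql_query($sql) or die(mysql_error());
}

/**
 * Drops a column from `categories` and removes its category_fields row.
 * The field id is cast to int and the stored column name is quoted safely.
 */
function delete_cat_field()
{
    $fieldId = isset($_REQUEST['field_id']) ? (int)$_REQUEST['field_id'] : 0;
    $rowFeild=$this->select_data_get_row("select * from category_fields where field_id=".$fieldId);
    $sql="ALTER TABLE `categories` DROP `".str_replace('`', '``', $rowFeild['field_name'])."`";
    mysql_query($sql) or die(mysql_error());
    $sql="delete from category_fields where field_id =".$fieldId;
    mysql_query($sql) or die(mysql_error());
}
}
// NOTE(review): extraction gap. The start of the next file (an item class and the
// opening of its insert routine) was lost after the "?>" below; the fragment is
// reproduced unchanged and its last statement continues past this span.
?>insertDataGetid("items","item_id");
// set the image in item_images table
$qryImg = "insert into 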
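item_images(item_id,image_src,selected) values('".$maxItemId."','".$_REQUEST['image_src']."','1')";
// The assignment above starts before this excerpt line and embeds
// $_REQUEST['image_src'] unescaped, so the statement is rebuilt here with the id cast
// and the path escaped before it is run. stripslashes() undoes magic_quotes_gpc
// where that setting is on, so the value is not escaped twice.
$imageSrc = (isset($_REQUEST['image_src']) && is_string($_REQUEST['image_src'])) ? $_REQUEST['image_src'] : '';
if (get_magic_quotes_gpc()) {
    $imageSrc = stripslashes($imageSrc);
}
$maxItemId = (int)$maxItemId;
$qryImg = "insert into item_images(item_id,image_src,selected) values('".$maxItemId."','".mysql_real_escape_string($imageSrc)."','1')";
mysql_query($qryImg) or die(mysql_error());
// Every posted field whose name starts with "cat_" carries a category id.
foreach($_POST as $key=>$value){
    if(substr($key,0,4)=="cat_"){
        $sql="insert into categories_products(category_id,product_id) values('".(int)$value."',$maxItemId)";
        mysql_query($sql) or die(mysql_error());
    }
}
}

// NOTE(review), whole class: insert_data(), edit_data(), del_data() and the select
// helpers are defined outside this excerpt; check that they escape or bind what they
// read from the request. Values used as numbers are cast to int below and string
// values are escaped, as a stop-gap until the queries move to prepared statements
// (mysqli or PDO). No authorisation or anti-CSRF check is visible in this excerpt,
// and die(mysql_error()) shows database error text to the client.

/**
 * Updates the item named by the request and rewrites its category links.
 */
function edit_item()
{
    $itemId = isset($_REQUEST['item_id']) ? (int)$_REQUEST['item_id'] : 0;
    $this->edit_data("item","item_id=".$itemId."");
    $sql="Delete from categories_products where product_id=".$itemId;
    mysql_query($sql) or die(mysql_error());
    foreach($_REQUEST as $key=>$value){
        if(substr($key,0,4)=="cat_"){
            $sql="insert into categories_products(category_id,product_id) values(".(int)$value.",".$itemId.")";
            mysql_query($sql) or die(mysql_error());
        }
    }
}

/**
 * Deletes the posted item, its image rows and its category links.
 */
function del_item()
{
    $itemId = isset($_POST['item_id']) ? (int)$_POST['item_id'] : 0;
    $qryImg = "delete from item_images where item_id = '".$itemId."'";
    mysql_query($qryImg);
    $qryitmcat = "delete from categories_products where product_id = '".$itemId."'";
    mysql_query($qryitmcat);
    $this->del_data("item", "item_id='".$itemId."'");
}

/**
 * Deletes item $itemid and its image rows.
 */
function del_selected_items($itemid)
{
    $itemid = (int)$itemid;
    $qryImg = "delete from item_images where item_id = '".$itemid."'";
    mysql_query($qryImg);
    $this->del_data("item", "item_id='".$itemid."'");
}

/**
 * Adds a column to `item` and records it in items_fields, unless a field with
 * a similar name already exists (then redirects back with err=1).
 *
 * The posted name is escaped for the LIKE lookup and has its back-quotes
 * doubled for the identifier; the posted type must be a key of $dataType.
 */
function insert_item_field(){
    $dataType['text']=" VARCHAR( 255 ) ";
    $dataType['number']=" INT( 11 )";
    $dataType['bool']=" TINYINT( 1 ) ";
    $dataType['longtext']=" TEXT ";
    $dataType['image']=" VARCHAR( 255 ) ";
    $dataType['file']=" VARCHAR( 255 ) ";

    $fieldName = isset($_POST['field_name']) ? $_POST['field_name'] : '';
    $fieldType = isset($_POST['field_type']) ? $_POST['field_type'] : '';
    if (!is_string($fieldName) || $fieldName === ''
        || !is_string($fieldType) || !isset($dataType[$fieldType])) {
        die("Invalid field name or type");
    }
    if (get_magic_quotes_gpc()) {
        $fieldName = stripslashes($fieldName);
    }

    $row1=$this->select_data("select * from items_fields where field_name like '%" . mysql_real_escape_string($fieldName) . "%'");
    if(mysql_num_rows($row1)<1) {
        $sql="ALTER TABLE `item` ADD `".str_replace('`', '``', $fieldName)."` ".$dataType[$fieldType]."";
        $this->insert_data("items_fields");
        mysql_query($sql) or die(mysql_error());
    } else {
        $obj1 = new generalfunctions();
        $itemId = isset($_REQUEST["item_id"]) ? (int)$_REQUEST["item_id"] : 0;
        $obj1->redirect("index.php?cmd=addprofield.php&proid=" . $itemId . "&err=1" );
    }
}

/**
 * Renames / retypes a column of `item` and updates its items_fields row.
 */
function edit_item_field(){
    $dataType['text']=" VARCHAR( 255 ) ";
    $dataType['number']=" INT( 11 )";
    $dataType['bool']=" TINYINT( 1 ) ";
    $dataType['longtext']=" TEXT ";
    $dataType['image']=" VARCHAR( 255 ) ";
    $dataType['file']=" VARCHAR( 255 ) ";

    $fieldId = isset($_POST['fieldid']) ? (int)$_POST['fieldid'] : 0;
    $fieldName = isset($_POST['field_name']) ? $_POST['field_name'] : '';
    $fieldType = isset($_POST['field_type']) ? $_POST['field_type'] : '';
    if (!is_string($fieldName) || $fieldName === ''
        || !is_string($fieldType) || !isset($dataType[$fieldType])) {
        die("Invalid field name or type");
    }

    $rowFeild=$this->select_data_get_row("select * from items_fields where field_id=".$fieldId);
    $sql="ALTER TABLE `item` CHANGE `".str_replace('`', '``', $rowFeild['field_name'])."` `".str_replace('`', '``', $fieldName)."` ".$dataType[$fieldType]."";
    $this->edit_data("items_fields"," field_id=".$fieldId);
    mysql_query($sql) or die(mysql_error());
}

/**
 * Drops a column from `item` and removes its items_fields row.
 */
function delete_item_field(){
    $fieldId = isset($_REQUEST['fieldid']) ? (int)$_REQUEST['fieldid'] : 0;
    $rowFeild=$this->select_data_get_row("select * from items_fields where field_id=".$fieldId);
    $sql="ALTER TABLE `item` DROP `".str_replace('`', '``', $rowFeild['field_name'])."`";
    mysql_query($sql) or die(mysql_error());
    $sql="delete from items_fields where field_id =".$fieldId;
    mysql_query($sql) or die(mysql_error());
}

/**
 * Stores the uploaded "userimage" under ../items and links it to the posted item.
 * The stored name derives from the client's file name, so it is escaped here.
 */
function additem_img(){
    $general= new generalfunctions();
    $filename=$general->uploadImage("userimage", "../items");
    $itemId = isset($_POST['proid']) ? (int)$_POST['proid'] : 0;
    $sql="insert into item_images(item_id,image_src,selected) Values ('".$itemId."','".mysql_real_escape_string($filename)."','0')";
    mysql_query($sql) or die(mysql_error());
    $general->redirect("index.php?cmd=manageimages.php&proid=".$itemId."&msg=1");
}

/**
 * Deletes one image row and its file under ../items.
 *
 * image_src comes from the database, where the item insert routine can store a
 * request-supplied path, so only its base name is used: a stored "../" path
 * can no longer make unlink() leave the images directory.
 *
 * NOTE(review): this deletes data on a GET request; it should require POST and
 * an anti-CSRF token.
 */
function delitem_img(){
    $general= new generalfunctions();
    $imageId = isset($_GET['imgid']) ? (int)$_GET['imgid'] : 0;
    $itemId = isset($_GET['proid']) ? (int)$_GET['proid'] : 0;
    $rowImg=$this->select_data_get_row("Select * from item_images where image_id=".$imageId);
    unlink("../items/".basename($rowImg['image_src']));
    $sql="delete from item_images where image_id=".$imageId;
    mysql_query($sql) or die(mysql_error());
    $general->redirect("index.php?cmd=manageimages.php&proid=".$itemId."&msg=2");
}

/**
 * Marks the posted image as the selected one for the item given in the query string.
 */
function select_img(){
    $general= new generalfunctions();
    $itemId = isset($_GET['proid']) ? (int)$_GET['proid'] : 0;
    $imageId = isset($_POST['selImage']) ? (int)$_POST['selImage'] : 0;
    mysql_query("UPDATE item_images SET selected=0 WHERE item_id='".$itemId."'");
    mysql_query("UPDATE item_images SET selected=1 WHERE image_id='".$imageId."'");
    $general->redirect("index.php?cmd=manageimages.php&proid=".$itemId."");
}

// Accessories. NOTE(review): edit reads "assid" while delete reads "acsid" - confirm
// both parameter names against the forms.
function add_accessory(){
    $this->insert_data("accessories");
}

function edit_accessory(){
    $this->edit_data("accessories"," item_accessories_id=".(int)$_REQUEST['assid']);
}

function delete_accessory(){
    mysql_query("delete from accessories where item_accessories_id=".(int)$_REQUEST['acsid']);
}

/* Related items */
function add_related_product(){
    $this->insert_data("related_product");
}

function edit_related_product(){
    $this->edit_data("related_product"," item_related_product_id=".(int)$_REQUEST['relid']);
}

function delete_related_product(){
    mysql_query("delete from related_product where item_related_product_id=".(int)$_REQUEST['relid']);
}

/**
 * Depth-first delete: removes every child item of $item_id, then $item_id itself.
 */
function move_to_child($item_id)
{
    $item_id = (int)$item_id;
    $qry = "select item_id from item where item_parent = '".$item_id."'";
    $rs = @mysql_query($qry) or die(mysql_error());
    while($row = mysql_fetch_object($rs) )
    {
        $this->move_to_child($row->item_id);
    }
    $this->delete_item_info($item_id);
}

// Deletes the image rows and the row of item $item_id. The body continues past the
// end of this excerpt line and is reproduced unchanged up to that point.
function delete_item_info($item_id)
{
    $qry = "select image_src from item_images where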
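item_id = '".$item_id."'";
    // The assignment above starts before this excerpt line; the id is cast here and
    // the statement rebuilt so that every query in this routine uses the integer.
    $item_id = (int)$item_id;
    $qry = "select image_src from item_images where item_id = '".$item_id."'";
    $rs = $this->select_data($qry);
    $img_src = @mysql_result($rs,0,'image_src');
    // delete item images from item_images table.
    $qryImg = "delete from item_images where item_id = '".$item_id."'";
    @mysql_query($qryImg) or die(@mysql_error());
    $this->del_data("item", "item_id='".$item_id."'");
    // unlink('items/'.$img_src);
}
}
// NOTE(review): extraction gap. The start of the next file (a user class and the
// opening of its insert routine) was lost after the "?>" below. The remaining
// statement places $_POST['user_name'] in the query unescaped (SQL injection); it is
// reproduced unchanged because its beginning is not visible.
?>select_data("SELECT * FROM user WHERE user_name = '".$_POST['user_name']."'");
    if(mysql_num_rows($rs) == 0){
        $id=$this->insertDataGetid("user","id");
        return $id;
    }else
        return 0;
}

// NOTE(review), whole class: edit_data(), del_data(), select_data() and
// insertDataGetid() are defined outside this excerpt; check that they escape or bind
// what they read from the request. Every method takes the target user from the
// request, and no check that the caller may act on that user is visible here.
// Escaping below is a stop-gap until the queries move to prepared statements.

/**
 * Private helper: returns the named request fields as strings escaped for use
 * inside single-quoted SQL literals. Missing or non-string fields become "".
 * stripslashes() undoes magic_quotes_gpc where that setting is on, so values
 * are not escaped twice.
 */
function _escaped_request_values($keys)
{
    $escaped = array();
    foreach ($keys as $key) {
        $raw = (isset($_REQUEST[$key]) && is_string($_REQUEST[$key])) ? $_REQUEST[$key] : '';
        if (get_magic_quotes_gpc()) {
            $raw = stripslashes($raw);
        }
        $escaped[$key] = mysql_real_escape_string($raw);
    }
    return $escaped;
}

/**
 * Private helper: builds the "column = 'value', ..." list for user_payment from
 * the request fields named $prefix + column ("" for billing, "shp_" for shipping).
 */
function _payment_assignments($prefix)
{
    $columns = array('f_name', 'l_name', 'payment_address', 'payment_address2',
                     'payment_zip_code', 'payment_country', 'payment_state', 'payment_city');
    $keys = array();
    foreach ($columns as $column) {
        $keys[] = $prefix.$column;
    }
    $values = $this->_escaped_request_values($keys);

    $parts = array();
    foreach ($columns as $column) {
        $parts[] = $column." = '".$values[$prefix.$column]."'";
    }
    return implode(", ", $parts);
}

/**
 * Updates the admin user selected by the request parameter "user_id".
 */
function edit_admin_user()
{
    $this->edit_data("user", " id='".(int)$_REQUEST['user_id']."'");
}

/**
 * Updates a user's contact details and both user_payment rows
 * ('b' from the plain fields, 's' from the "shp_" fields).
 *
 * Every value is escaped and the user id is cast to int. Query failures are
 * still ignored, as in the original.
 */
function edit_user()
{
    $userId = isset($_REQUEST['user_id']) ? (int)$_REQUEST['user_id'] : 0;
    // 'compnay' is the request key the original reads for the company column.
    $v = $this->_escaped_request_values(array('compnay', 'contact_phone', 'alt_phone', 'l_name', 'f_name'));

    $sqle = "Update user set company = '".$v['compnay']."', contact_phone='".$v['contact_phone']."', alt_phone='".$v['alt_phone']."', l_name = '".$v['l_name']."', f_name = '".$v['f_name']."' where id = '".$userId."'";
    mysql_query($sqle) or mysql_error();

    $sql = "Update user_payment set ".$this->_payment_assignments('')." where user_id = '".$userId."' and payment_info = 'b'";
    mysql_query($sql) or mysql_error();

    $sql2 = "Update user_payment set ".$this->_payment_assignments('shp_')." where user_id = '".$userId."' and payment_info = 's'";
    mysql_query($sql2) or mysql_error();
}

/**
 * Deletes the posted user and that user's payment rows.
 */
function del_user(){
    $userId = isset($_POST['id']) ? (int)$_POST['id'] : 0;
    $this->del_data("user_payment", "user_id='".$userId."'");
    $this->del_data("user", "id='".$userId."'");
}

/**
 * Creates the user through insert_user() and, when that returns an id, inserts
 * the billing ('b') and shipping ('s') user_payment rows.
 *
 * @return int 1 when the user was created, 0 otherwise
 */
function insert_billing_info()
{
    $flag=0;
    $userid=$this->insert_user();
    if($userid!=0)
    {
        $userid = (int)$userid;

        $sql = "insert into user_payment set user_id='".$userid."',".$this->_payment_assignments('').", payment_info = 'b'";
        mysql_query($sql) or mysql_error();

        $sql2 = "insert into user_payment set user_id='".$userid."',".$this->_payment_assignments('shp_').", payment_info = 's'";
        mysql_query($sql2) or mysql_error();

        $flag=1;
    }
    return $flag;
}

/**
 * Stores the posted list of rights as the comma-separated permissions of the
 * posted user name (update when a row exists, insert otherwise).
 *
 * Both values are escaped, and a missing or non-array "rights" field is
 * treated as an empty list.
 *
 * NOTE(review): this grants admin permissions to whichever user name is
 * posted. No check of the caller's own rights and no anti-CSRF token are
 * visible in this excerpt.
 */
function set_admin_permissions()
{
    $rights = (isset($_POST["rights"]) && is_array($_POST["rights"])) ? $_POST["rights"] : array();
    $userName = (isset($_POST['user_name']) && is_string($_POST['user_name'])) ? $_POST['user_name'] : '';
    $permissions = implode(",",$rights);
    if (get_magic_quotes_gpc()) {
        $userName = stripslashes($userName);
        $permissions = stripslashes($permissions);
    }
    $userName = mysql_real_escape_string($userName);
    $permissions = mysql_real_escape_string($permissions);

    $rs=$this->select_data("SELECT * FROM admin_permissions WHERE user_name = '".$userName . "' ");
    if(mysql_num_rows($rs)>0)
    {
        $this->select_data("update admin_permissions set permissions='" . $permissions . "' where user_name= '" . $userName . "' ");
    }
    else
    {
        $this->select_data("insert into admin_permissions values('','" . $userName . "','" . $permissions . "')");
    }
}
}
?>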